Hardware Security Module (HSM)

21st September 2021 | Cybrary

A Hardware Security Module (HSM) is a physical security device that safeguards and manages digital keys, performs encryption and decryption services, strong authentication, and often have tamper detection and prevention built into the devices themselves. Each HSM contains one or more secure ‘cryptoprocessor’ chips to prevent tampering and ‘bus probing’.

A common example of HSMs in our daily lives is our use of Automated Telling Machines (ATMs). We all possess ATM or Debit cards that allow us to gain access to our bank account. When you insert your card into the machine, it verifies that the 4 digit PIN you enter matches the reference PIN known to the card issuer. Similarly, this is how a network administrator would gain access to sensitive information. They would have their physical security card (or device) along with another form of authentication such as a password they know or biometric information (fingerprint, retina scan). HSMs are used as a form of Two-Factor Authentication when attempting to access critical data in a network or system.

What does this mean for an SMB?

Network administrators at an MSP or SMB may not have much reason to work with an HSM to secure their company or network. The exception here is high security SMBs working on government contracts which need to protect CUI, ITAR, or Top secret data. In these cases, they may receive an HSM from the government to protect the data entrusted to them. For most others, it is not likely to be used or needed. While HSMs have their place, it is more important for MSPs and SMBs to implement other security tools listed below in your toolbelt. CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:

Adopt a password manager for better personal/work password hygiene
Require two-factor authentication on any SaaS solution or critical accounts
Require 14+ character Passwords in your Governance Policies
Train employees to spot and avoid email-based phishing attacks
Check that employees can spot and avoid phishing emails by testing them
Backup data using the 3-2-1 method
Incorporate the Principle of Least Privilege
Perform a risk assessment every two to three years

To learn more about Hardware Security Modules (HSMs), watch this short 3-minute video:

Sources:

TechTarget

Wikipedia

Additional Reading:

WhatsApp Security Improvements

Related Terms:

Two-Factor Authentication

Encryption

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:

Blog
Cybrary (Cyber Library)
Infographics
Newsletters
Press Releases
Instructional Videos (HowTo) – very helpful for our SuperUsers!

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.